Our company considers it a separation of duties violation for configurators to perform any form of testing in the User Acceptance Test client. I would appreciate input about whether your configurators are also prohibited from testing. Specifically, I would appreciate responses on:

If you consider configurator testing in the test client a SoD violation, why?

If you allow configurators to test in the test client and don't consider it a violation, why to you not consider this to be a conflict.

I wish we had enough warm bodies so that configurators did not have to be involved in our GRC testing; with only 4.5 FTEs on the team, we just barely have enough people to cover all the roles in the processes. The configurators along with the others on the security team do the unit testing, and key end users from the business do the end to end UAT, following test scripts prepared by the GRC project team.

Our company considers it a separation of duties violation for configurators to perform any form of testing in the User Acceptance Test client. I would appreciate input about whether your configurators are also prohibited from testing. Specifically, I would appreciate responses on:

If you consider configurator testing in the test client a SoD violation, why?

If you allow configurators to test in the test client and don't consider it a violation, why to you not consider this to be a conflict.